Could networking automation tools fix shadow IT?

by Lauren Horwitz

Managing Editor, Cisco.com

For years, IT departments have watched helplessly as business units spin up IT resources without the necessary security and governance. Here’s how networking automation tools put the reins of control back in IT’s hands.

As cloud computing, mobile devices and myriad new applications inundate enterprises, IT departments are waking to a harsh reality: Shadow IT isn’t going away; in fact, it’s increasing.

Sean Jabro, a VMware administrator at Intelligent Software Solutions (ISS), a Polaris Alpha company, and his team watched as developers circumvented IT.

“Shadow IT is happening all over the place,” Jabro said at a session on networking automation at the VMworld 2017 conference. “Our developers really wanted to start moving forward fast, and IT just could not keep up.”

Jabro’s observation corresponds with the NTT findings, which indicated that 67% turn to shadow IT because IT isn’t agile enough to accommodate business needs. “Our mean time to production with any kind of system was weeks, easily,” Jabro said.

So Jabro and his team turned to networking automation tools. With automation, the team could “really lock down our security posture inside while still allowing [developers] the ability to spin up VMs [virtual machines] in the environment and have automatic firewall rules in place to allow them to be as accessible as they need, right off the bat, is a huge deal for us.”

Networking automation helps put business and IT back on the same page.

Making networking automation work

Networking virtualization makes it easier for IT departments to provision networks quickly by applying business policies to networking tasks, making provisioning more consistent, standardized and secure. Automation has furthered networking virtualization by managing performance issues and security policies so network administrators can attend to more strategic tasks.

Data indicates that networking automation has been a boon, but it also forces IT departments to embrace additional change.

According to the Enterprise Strategy Group report “Network Automation: Enabler of IT process goals,” for example, nearly 60% of respondents said that network automation tools simplify provisioning of infrastructure. Further, 40% said that trends like cloud computing have forced networking administrators to be more responsive to network change requests, and 44% said that they have had to rethink their concept of network automation.

At the University of New Mexico, the IT department has gained massive benefit from networking automation, including greater speed and agility, as well as the ability to enable hybrid cloud computing. The university consolidated several decentralized IT departments under one roof, then enlisted a-self-service model. Today 100-plus departments can deploy infrastructure and application services, which the centralized IT team manages.

At the same time, said Brian Pietrewicz, deputy CIO at the university, network automation requires that IT personnel thoroughly understand existing IT processes before they automate them.

“When you think about steps from a VM being built to when it’s deployed, the hardest part is nailing down everything you have to do,” said Pietrewicz. “There may be 1,000 steps. Once you have the process defined, you can automate. Then you don’t have to worry about that process anymore.”

Change management isn’t automatic

Many networking professionals say, however, that the road to networking automation is fraught with change-management challenges. Often, the central issue is persuading siloed teams to cooperate.

“Getting the network and security guys together in the same room, on the same page, was the hardest part,” ISS’s Jabro said.

Andrew Hrycaj, a senior network operations specialist at IHS Markit, an information and analysis firm, said that the transition to networking automation was a reality check.

“It forced us to look ourselves in the mirror and automate more [and] create standardized processes,” Hrycaj said. “It was a tough transition. It was a brand-new way of looking at networking.”

And, so too, many network administrators may resist automation out of fear that it will threaten their job security.

“It’s important to not be scared of automation,” said Scott Lowe, an industry blogger, speaker and network engineer.

“You’re not going to be automated out of your job,” Lowe said in a video on network automation. “What about adding value by building a testing framework so you can validate changes? That’s something that requires a lot more effort and more work. But you can’t get the time to do that—to bring a lot of great value to the organization—until you push away all these fires that are rising up to get you.”

For more Cisco resources:

Lauren Horwitz is the managing editor of Cisco.com, where she covers the IT infrastructure market and develops content strategy. Previously, Horwitz was a senior executive editor in the Business Applications and Architecture group at TechTarget;, a senior editor at Cutter Consortium, an IT research firm; and an editor at the American Prospect, a political journal. She has received awards from American Society of Business Publication Editors (ASBPE), a min Best of the Web award and the Kimmerling Prize for best graduate paper for her editing work on the journal article "The Fluid Jurisprudence of Israel's Emergency Powers.”